Confidentiality Protection in Large Databases

A growing trend in today’s society is outsourcing large databases to the cloud. This permits to move the management burden from the data owner to external providers, which can make vast and scalable infrastructures available at competitive prices. Since large databases can include sensitive information, effective protection of data confidentiality is a key issue to fully enable data owners to enjoy the benefits of cloud-based solutions. Data encryption and data fragmentation have been proposed as two natural solutions for protecting data confidentiality. However, their adoption does not permit to completely delegate query evaluation at the provider. In this chapter, we illustrate some encryption-based and fragmentation-based solutions for protecting data confidentiality, discussing also how they support query execution.

[1]  Pierangela Samarati,et al.  Cloud Security: Issues and Concerns , 2016 .

[2]  Jean-Sébastien Coron,et al.  Fully Homomorphic Encryption over the Integers with Shorter Public Keys , 2011, IACR Cryptol. ePrint Arch..

[3]  Sabrina De Capitani di Vimercati,et al.  An OBDD approach to enforce confidentiality and visibility constraints in data publishing , 2012, J. Comput. Secur..

[4]  Hari Balakrishnan,et al.  CryptDB: protecting confidentiality with encrypted query processing , 2011, SOSP.

[5]  Ramakrishnan Srikant,et al.  Order preserving encryption for numeric data , 2004, SIGMOD '04.

[6]  Sabrina De Capitani di Vimercati,et al.  Selective and Fine-Grained Access to Data in the Cloud , 2014, Secure Cloud Computing.

[7]  Ramarathnam Venkatesan,et al.  Secure database-as-a-service with Cipherbase , 2013, SIGMOD '13.

[8]  Vinod Vaikuntanathan,et al.  Efficient Fully Homomorphic Encryption from (Standard) LWE , 2011, 2011 IEEE 52nd Annual Symposium on Foundations of Computer Science.

[9]  Sabrina De Capitani di Vimercati,et al.  Managing and accessing data in the cloud: Privacy risks and approaches , 2012, 2012 7th International Conference on Risks and Security of Internet and Systems (CRiSIS).

[10]  Sushil Jajodia,et al.  Fragmentation in Presence of Data Dependencies , 2014, IEEE Transactions on Dependable and Secure Computing.

[11]  Sushil Jajodia,et al.  Selective data outsourcing for enforcing privacy , 2011, J. Comput. Secur..

[12]  Vincenzo Piuri,et al.  Supporting Security Requirements for Resource Management in Cloud Computing , 2012, 2012 IEEE 15th International Conference on Computational Science and Engineering.

[13]  Sushil Jajodia,et al.  Balancing confidentiality and efficiency in untrusted relational DBMSs , 2003, CCS '03.

[14]  Vincenzo Piuri,et al.  Chapter 1 – Fault Tolerance and Resilience in Cloud Computing Environments , 2014 .

[15]  Hakan Hacigümüs,et al.  Providing database as a service , 2002, Proceedings 18th International Conference on Data Engineering.

[16]  Sushil Jajodia,et al.  Fragmentation Design for Efficient Query Execution over Sensitive Distributed Databases , 2009, 2009 29th IEEE International Conference on Distributed Computing Systems.

[17]  Sushil Jajodia,et al.  Combining fragmentation and encryption to protect privacy in data storage , 2010, TSEC.

[18]  Jean-Sébastien Coron,et al.  Public Key Compression and Modulus Switching for Fully Homomorphic Encryption over the Integers , 2012, EUROCRYPT.

[19]  Hakan Hacigümüs,et al.  Efficient Execution of Aggregation Queries over Encrypted Relational Databases , 2004, DASFAA.

[20]  Sabrina De Capitani di Vimercati,et al.  Protecting Data in Outsourcing Scenarios , 2012 .

[21]  Sabrina De Capitani di Vimercati,et al.  Practical Techniques Building on Encryption for Protecting and Managing Data in the Cloud , 2015, The New Codebreakers.

[22]  Rajeev Motwani,et al.  Two Can Keep A Secret: A Distributed Architecture for Secure Database Services , 2005, CIDR.

[23]  Sushil Jajodia,et al.  Fragmentation and Encryption to Enforce Privacy in Data Storage , 2007, ESORICS.

[24]  Craig Gentry,et al.  Fully homomorphic encryption using ideal lattices , 2009, STOC '09.

[25]  Samuel Madden,et al.  Processing Analytical Queries over Encrypted Data , 2013, Proc. VLDB Endow..

[26]  Ronald L. Rivest,et al.  ON DATA BANKS AND PRIVACY HOMOMORPHISMS , 1978 .

[27]  Vinod Vaikuntanathan,et al.  Efficient Fully Homomorphic Encryption from (Standard) LWE , 2011, 2011 IEEE 52nd Annual Symposium on Foundations of Computer Science.

[28]  Laks V. S. Lakshmanan,et al.  Efficient secure query evaluation over encrypted XML databases , 2006, VLDB.

[29]  Sushil Jajodia,et al.  Keep a Few: Outsourcing Data While Maintaining Confidentiality , 2009, ESORICS.